On 25 October 2011 19:26, information security <[email protected]> wrote: > > #Product Outlook Web Access 8.2.254.0 > > > #Vulnerability > SideJacking is the process of sniffing web cookies, then replaying them to > clone another user's web session. Using a cloned web session, the jacker can > exploit the victim's previously-established site access >
Wait, your saying if someone gets the session token, they get access to the session! Oh my god, why didnt I see it before? We're so screwed, almost every web application I've ever used, written, or tested is vulnerable to this issue. Quick, close down the internet before it's too late! Renski _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
